API
This document contains the technical specification of the WOT API v0.4 and it's aimed at developers implementing software that uses WOT services.
Contents |
Terms and conditions
Before you continue, notice that in addition to the Terms of Service, which apply to all WOT services, the API Terms of Service apply for using the API.
Introduction
The WOT reputation system computes website reputations using information received from users and other sources. This section contains a brief introduction to some of the concepts you will need to know to develop applications that use reputation data.
Targets
Reputations are computed for websites, or targets, which are identified primarily by their DNS names. If a DNS name is not available for a target, an IPv4 or IPv6 address may be used instead. WOT also supports Internationalized Domain Names (IDN), which must be encoded to an ASCII representation as described in RFC 3490. For example:
ääkkönen.fi = xn--kknen-fraa0m.fi
Reputations
Reputations are measured for targets in several components, or applications. For each {target, application} pair, the system computes two values: a reputation estimate and the confidence in the reputation. Together, these indicate the amount of trust in the target in the given component.
Components
Reputation components are identified by numbers. These are the current components and their interpretations:
| Component | Description | Example |
|---|---|---|
| 0 | “Trustworthiness” | “Do you trust this website? Is it safe to use? Does it deliver what it promises?” |
| 1 | “Vendor reliability” | “Is the site safe for buying and selling, or for business transactions in general?” |
| 2 | “Privacy” | “Can you trust the site owner, safely supply personal information, and download files? ” |
| 4 | “Child safety” | “Does the site contain age-inappropriate material?” |
Reputation and confidence
The reputation r ∊ {0, ..., 100} is the estimate of the collective trust for the target in the given component. The higher the value, the more the community trusts the website. The confidence c ∊ {0, ..., 100} indicates the estimated reliability of the reputation r for the {target, application} pair. Again, the higher the value, the more reliable the system considers the reputation estimate. These are the current interpretations for these values:
| Reputation | Description | Symbol |
|---|---|---|
| ≥ 80 | “Excellent” | 
|
| ≥ 60 | “Good” | 
|
| ≥ 40 | “Unsatisfactory” | 
|
| ≥ 20 | “Poor” | 
|
| ≥ 0 | “Very poor” | 
|
| Confidence | Description | Symbol |
| ≥ 45 | “5 / 5” | 
|
| ≥ 34 | “4 / 5” | 
|
| ≥ 23 | “3 / 5” | 
|
| ≥ 12 | “2 / 5” | 
|
| ≥ 6 | “1 / 5” | 
|
| ≥ 0 | “0 / 5” | 
|
Requests
The API consists of a number of interfaces, all of which are called using normal HTTP GET requests to api.mywot.com and return a response in XML or JSON format if successful. HTTP status codes are used for returning error information and parameters are passed using standard URL conventions. The request format is as follows:
http://api.mywot.com/version/interface?param1=value1¶m2=value2
TLS encryption can be used with all interfaces if requests are made from a secure web page to the reputation API, for example.
Documentation: Reputation API
These interfaces are for developers interested in using reputations in their applications and they don't require authentication or parameter encryption.
public_query2
The public_query2 API is used for requesting target reputations. If you need to request reputations for more than one target, use public_link_json instead.
Parameters
| target |
| The name of the target. If this parameter is missing, the url parameter is mandatory. |
| url (alternative to target) |
| URL to the target. |
Return codes
If the call is successful, the returned HTTP status code is 200. If a server-side error occurred, the status code is 500. If the target name or URL is invalid, the status code is 403.
Output
The API returns a reputations and confidences for all applications. The output format is:
<?xml version="1.0" encoding="UTF-8"?> <!ELEMENT query (application*)> <!ATTLIST query target CDATA #REQUIRED> <!ELEMENT application EMPTY> <!ATTLIST application name CDATA #REQUIRED r CDATA #REQUIRED c CDATA #REQUIRED>
The target attribute of the query element is the normalized name for the target. The query element contains an application element for each known {reputation, confidence} pair. If the reputation for an application is not known, the application element is omitted from the output.
Example
Request:
http://api.mywot.com/0.4/public_query2?target=example.com
Alternative request:
http://api.mywot.com/0.4/public_query2?url=http://example.com/
Response:
<?xml version="1.0" encoding="UTF-8"?> <query target="example.com"> <application name="0" r="89" c="44"/> <application name="1" r="89" c="46"/> <application name="2" r="92" c="47"/> <application name="4" r="93" c="48"/> </query>
public_link_json
The public_link_json API is used for requesting reputations for multiple targets.
Parameters
| hosts |
| A list of target names separated with a forward slash (“/”). For example, www.example.com/another.example.net/onemore.example.org/. The value must end with a slash and must include at most 100 target names. Note: the full request path must also be less than 8 KiB or it will be rejected. |
| callback (optional) |
| The name of the callback function for a response in the JSONP (JSON with Padding) format. |
Return codes
If the call is successful, the returned HTTP status code is 200. If a server-side error occurred, the status code is 500.
Output
The API returns a reputations and confidences for all applications in a JSON or a JSONP format, depending on whether the callback parameter is specified in the request. The format is as follows:
- The response object has one attribute for each target, named by the unchanged target name given in the hosts parameter.
- Each target object has a target attribute, which contains the normalized target name.
- Each target object also has zero or more application attributes with names ∊ {“0”,“1”, ...}.
- Each application attribute contains an array with {r, c} values for the application. If the reputation for an application is not known, the corresponding application attribute is omitted from the output.
Example
Request:
http://api.mywot.com/0.4/public_link_json?hosts=example.COM/www.EXAMPLE.NET/&callback=process
Response:
process({
"example.COM": {
"target": "example.com",
"0": [ 91, 53 ],
"4": [ 93, 53 ]
},
"www.EXAMPLE.NET": {
"target": "example.net",
"0": [ 96, 43 ]
}
})
